Re: Should I install chkrootkit?
Charles Kroeger <ckrogrr@frankensteinface.com> writes:
> On Wed, 04 Jun 2014 14:30:02 +0200
> David Guyot <david.guyot@europecamions-interactive.com> wrote:
>
>> Anyone saying that Debian and its software are flawless lies or
>> doesn't know what's he is talking about.
>
> How true. And by the way, I have had chkrootkit installed for a long time and the
> other day I ran it after an upgrade and voilà:
>
> Searching for Suckit rootkit... Warning: /sbin/init INFECTED
>
> as a Sysadmin what do you suggest I can do to rid myself if this? Looking
> into /sbin/init only shows a lot of stuff that looks like modern art.
>
> I await your help, RSVP
>
> --
> CK
Do you have systemd-sysv installed ? When that package is installed
/sbin/init is a symlink to systemd and I have heard that chkrootkit
gives false positives for the suckit rootkit with that.
You could double-check with rkhunter.
Reply to: